Univention Bugzilla – Bug 54883
Expose entryUUID at UDM objects
Last modified: 2023-05-14 06:16:31 CEST
The entry UUID of UDM objects should be accessible for programmers. This should be done be simply add a python property `entry_uuid` to the simpleLDAP base class. The reason why this should be accessible is that customer projects otherwise need to do a LDAP search to get this. This is a unneeded performance impact.
A new property "entry_uuid" has been added to the UDM object representation as well as the Simple UDM API. This is now also used by the UDM REST API to save some time for every call. univention-directory-manager-rest.yaml 5a0169894aab | Bug #54883: use entry_uuid property univention-directory-manager-rest (10.0.2-12) 5a0169894aab | Bug #54883: use entry_uuid property univention-directory-manager-modules.yaml d73f81a117cb | Bug #54883: provide access to entryUUID for UDM objects univention-directory-manager-modules (15.0.11-54) 5a0169894aab | Bug #54883: use entry_uuid property d73f81a117cb | Bug #54883: provide access to entryUUID for UDM objects Merged to UCS 5.0-2: univention-directory-manager-rest (10.0.3-1) 7a4d42ac7cca | Bug #54883: use entry_uuid property univention-directory-manager-modules (15.0.12-2) 7a4d42ac7cca | Bug #54883: use entry_uuid property bfc20d78db7d | Bug #54883: provide access to entryUUID for UDM objects
YAML: OK UDM API: Works REST API: Still correct
This may break UCS@school. The exam mode does something like that for (key, value) in user_orig.oldattr.items(): al.append((key, value)) ldap_admin_write.add(exam_user_dn, al) meaning that this would add an object with a specific entry uuid?
univention-directory-manager-rest (10.0.2-12) 1903293e0038 | Bug #54883: move operational attributes into a private dictionary univention-directory-manager-modules (15.0.11-54) 8d5901b07802 | fixup! Bug #54883: move operational attributes into a private dictionary 1903293e0038 | Bug #54883: move operational attributes into a private dictionary The UCS@school Exam mode copied all attributes from `oldattr` and created a new exam user with those attributes. This fails because `entryUUID` is part of it, while the LDAP server only allows to set this via relax control. For now, we put the operational attributes into a private instance. UCS@school has to exclude them explicitly. As soon as this is ensured we can move the operational attributes back into oldattr, so they can be accessed from outside as well.
REOPEN: as we are now removing entryUUID from oldattr code which prior explicitly used it fails: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/listener/api_adapter.py", line 169, in _handler self._module_handler.error_handler(dn, old, new, command, exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/univention/listener/handler.py", line 260, in error_handler reraise(exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/six.py", line 693, in reraise raise value File "/usr/lib/python3/dist-packages/univention/listener/api_adapter.py", line 166, in _handler self._module_handler.create(dn, new) File "/usr/lib/univention-directory-listener/system/office365-user.py", line 74, in create self.connector.create(udm_object=udm_user) File "/usr/lib/python3/dist-packages/univention/office365/connector/connector.py", line 507, in create self.new_or_reactivate_user(udm_object) File "/usr/lib/python3/dist-packages/univention/office365/connector/connector.py", line 463, in new_or_reactivate_user user_azure = self.parse(udm_object) File "/usr/lib/python3/dist-packages/univention/office365/connector/connector.py", line 693, in parse onPremisesImmutableId=udm_user.entryUUID, File "/usr/lib/python3/dist-packages/univention/office365/udmwrapper/udmobjects.py", line 192, in entryUUID return self.udm_object_reference.oldattr["entryUUID"][0].decode('UTF-8') File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 478, in __getitem__ elif key not in self.__no_default and self.descriptions[key].editable: KeyError: 'entryUUID'
(In reply to Florian Best from comment #5) > REOPEN: as we are now removing entryUUID from oldattr code which prior > explicitly used it fails: reverted for UCS 5.0-1, moving Target Milestone to UCS 5.0-2. We will fix this by extending oldattr with operational attributes and adjust UCS@school accordingly. The preup.sh of UCS 5.0-2 will block a UCS@school version which doesn't contain the fix. d787677612 Revert "Bug #54883: provide access to entryUUID for UDM objects" 4e10bc8c80 Revert "Bug #54883: use entry_uuid property" bc87410ea7 Revert "Bug #54883: move operational attributes into a private dictionary" 81d86a7565 Revert "fixup! Bug #54883: move operational attributes into a private dictionary" Revert of the workaround in UCS 5.0-2: dbc22eb961 Revert "Bug #54883: move operational attributes into a private dictionary"
The preup.sh check script has been adjusted accordingly: univention-updater c993e99b407c | Bug #54883: Bug #54896: require UCS@school 5.0 v2 to upgrade to UCS 5.0-2
Code: OK, no regressions found Changelog: OK preup.sh: OK
UCS 5.0-2 has been released. https://docs.software-univention.de/release-notes-5.0-2-en.html If this error occurs again, please clone this bug.